Maven: How to connect with Nexus using HTTPS

Maven can be set up to use a private repository, i.e. Nexus. Usually the repository runs on http and there isn’t any problem to connect to the repository, but when the repository runs on https maven isn’t able to connect to it automatically. The solution to this is to add the server’s certificate to the default Java keystore.

When connecting to your https-repository fails, Maven will show you an exception like

To resolve this, download the server’s certificate and add it to the default Java keystore. The easiest way to download the certificate is with the Java provided keytool.

The following command is an example to download the certificate to a .pem file

Of course the proxy-part is optional.

Now you downloaded the certificate, you can add it to the keystore with the following command

Note that $JAVA_HOME is the path to your JDK that is known by Maven.

That’s it, folks!

2 thoughts on “Maven: How to connect with Nexus using HTTPS

  1. Wouldn’t it be easier to just make sure the server runs a non-self-signed certificate? Having to import a certificate on every client that wants to connect to your Nexus install is a giant hassle, and with free certificate providers such as LetsEncrypt you can secure a server with a widely accepted certificate in no time.

    • Hi Jeroen,

      Thank you for your comment.

      Of course it would be easier to use a certificate with an already trusted root-certificate.
      But not all organisations are within the default root-certificate tree already in the Java truststore.

      In this case you’ll have to trust the certificate before the connection is accepted.

Leave a Reply

Your email address will not be published. Required fields are marked *